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Abstract 



In proof theory the notion of canonical proof is rather basic, and it is usually 

taken for granted that a canonical proof of a sentence must be unique up to certain 

minor syntactical details (such as, e.g., change of bound variables). When setting 

I— I ■ up a proof theory for equality one is faced with a rather unexpected situation where 

C/3 , there may not be a unique canonical proof of an equality statement. Indeed, in a 

O ■ (1994-5) proposal for the formalisation of proofs of propositional equality in the 

Curry-Howard style |37|, we have already uncovered such a peculiarity. Totally 
fvj . independently, and in a different setting, Hofmann & Streicher (1994) |l12| have 

^ ■ shown how to build a model of Martin-Lof 's Type Theory in which uniqueness 

of canonical proofs of identity types does not hold. The intention here is to show 
("^ ■ that, by considering as sequences of rewrites and substitution, it comes a rather 

0^ ' natural fact that two (or more) distinct proofs may be yet canonical and are none 

to be preferred over one another. By looking at proofs of equality as rewriting 
r~^, ■ (or computational) paths this approach will be in line with the recently proposed 

(^ ' connections between type theory and homotopy theory via identity types, since 

elements of identity types will be, concretely, paths (or homotopies)|j 
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1 Introduction 

There seems to be hardly any doubt that the so-called "identity types" are the most in- 
triguing concept of intensional Martin-Lof type theory [13, 48 1. From the description 
of a workshop entitled Identity Types - Topological and Categorical Structure, organ- 
ised Nov 13-14, 2006, with support from the Swedish Research Council (VR) and the 
mathematics departments of Uppsala University and Stockholm University: 



' The authors would like to thank the anonymous referees for their very careful scrutiny of the paper, lead- 
ing to significant improvements both in content and presentation. It has to be mentioned that the exchange 
of e-mail with Thomas Streicher, which happened around June-July 2011 while preparing the first version, 
was of extraordinary value. Any mistakes or misconceptions, however, are absolutely the fault of the authors 
of this paper. 



"The identity type, the type of proof objects for the fundamental proposi- 
tional equality, is one of the most intriguing constructions of intensional 
dependent type theory (also known as Martin-Lof type theory). Its com- 
plexity became apparent with the Hofmann-Streicher groupoid model of 
type theory. This model also hinted at some possible connections between 
type theory and homotopy theory and higher categories. Exploration of 
this connection is intended to be the main theme of the workshop." 

Indeed, a whole new research avenue has recently been explored by people like Vladimir 
Voevodsky fSOl and Steve Awodey (3] in trying to make a bridge between type the- 
ory and homotopy theory, mainly via the groupoid structure exposed in the Hofmann- 
Streicher countermodel to the principle of Uniqueness of Identity Proofs (UIP). This 
has opened the way to, in Awodey's words, "a new and surprising connection between 
Geometry, Algebra, and Logic, which has recently come to light in the form of an in- 
terpretation of the constructive type theory of Per Martin-Lof into homotopy theory, 
resulting in new examples of certain algebraic structures which are important in topol- 
ogy"- 

Furthermore, there have been several important strands in the area of categori- 
cal semantics for Martin-Lof s type theory, giving rise to rather unexpected links be- 
tween type theory, abstract homotopy theory and higher-dimensional category theory, 
as pointed out by van den Berg and Garner |6|. And this is all due to the peculiar 
structure brought about by the so-called identity types: 

"All of this work can be seen as an elaboration of the following basic 
idea: that in Martin-Lof type theory, a type A is analogous to a topolog- 
ical space; elements a,b E A to points of that space; and elements of an 
identity type p,q E Id^(a, 6) to paths or homotopies p, q : a ^ b in A" 

m 

Computational paths. Motivated by looking at equalities in type theory as arising 
from the existence of computational paths between two formal objects, our purpose 
here is to offer a different perspective on the role and the power of the notion of propo- 
sitional equality as formalised in the so-called Curry-Howard functional interpretation. 
We begin by recalling our previous observation |37| pertaining to the fact that the 
formulation of the identity type by Martin-Lof, both in the intensional and in the ex- 
tensional versions, did not take into account an important entity, namely, identifiers for 
sequences of rewrites, and this has led to a false dichotomy. The missing entity has 
also made it difficult to formulate the introduction rule for both the intensional and the 
extensional version without having to resort to the use of the reflexivity operator "r" as 

in: 

a : A 



r(a) : Id^(a,a) 

when this should come as a consequence of the general principle of equality saying 
that, for all elements a of a type A, equality is by definition a reflexive relation, rather 
than taking part of the definition of the identity type. Instead, if the introduction rule 



for the identity type takes the form of: 

a =.<i b : A 



s{a,b) : Id^(a, 6) 

where the identifier 's' is supposed to denote a sequence of rewrites and substitutions 
which would have started from a and arrived at b, it becomes rather natural to see 
members of identity types as computational (or rewriting) pathsl^ By having the gen- 
eral rules for equality defined as: 

reflexivity symmetry transitivity 

X : A X ^t y- A X ^ty ■ A y =u z -. A 

X =px : A y =„(t) x : A x =T{t,u) z ■ A 

(where 'c' and 'r' are the symmetry and transitivity rewriting operators) one would 

then be able to infer that 

a : A 



A 



p{a) : Id^(a,a) 

Taking an identifier from tlie meta-language to tlie object-language. As we can 

see from the above example, one may start from 'a : A\ i.e. a is an element of type A, 
and take the a to the object-language by inferring that p{a) : Idyi(a, a). That is to say, 
in the latter judgement, the object a is being predicated about in the object language ('a 
is equal to itself). It is only via identity types that this can be done in the framework 
of the Curry-Howard functional interpretation. 

Iteration. In the same aforementioned workshop, B. van den Berg in his contribution 
"Types as weak omega-categories" draws attention to the power of the identity type in 
the iterating types to form a globular set: 

Fix a type X in a context F. Define a globular set as follows: Aq consists 
of the terms of type X in context F, modulo definitional equality; Ai 
consists of terms of the types Id{X;p; q) (in context F) for elements p, q 
in ^0, modulo definitional equality; A2 consists of terms of well-formed 
types Id{Id{X;p; q);r; s) (in context F) for elements p, q in Aq, r, s in 
Ai, modulo definitional equality; etcetera... 

Indeed, one may start from: 

p^r q ■ X p=s q : X 

and 



r{p,q) -.Idxip^q) s{p,q) : ldx{p,q) 

and move up one level as in: 

r{p,q) ^u s{p,q) : Idx {p,q) 

u{r{p,q),s{p,q)) : Id^^ (^p^q){r{p,q),s{p,q)) 



^An anonymous reviewer has pointed out that this is common in the "judgemental" approach to logic: 
one finds the judgement that underlies a proposition (Cf. 1 28 1 and 1161 ). 



and so on... This has been made precise by a theorem of Peter Lumsdaine fTTl and, 
independently, by Benno van den Berg and Richard Garner |'5"6l to the effect that, for 
any type X in Martin-Lof's (intensional) type theory, the globular set X of terms of 
type X; Idx; Idid^ ; •■• carries a natural weak w-groupoid structure. 

Among other things, this makes it possible to formalise UIP in the theory, as pointed 
out in Hofmann-Streicher's (1996) survey 113|: 

"We will call UIP ([/niqueness of Identity Proofs) the following property. 
If ai, 02 are objects of type A then for any proofs p and q of the propo- 
sition "fli equals 02" there is another proof establishing equality of p and 
q. (...) Notice that in traditional logical formalism a principle like UIP 
cannot even be sensibly expressed as proofs cannot be referred to by terms 
of the object language and thus are not within the scope of propositional 
equality." 

The principle of UIP was originally rendered as lfT2l : 

X : A, p:ldA{x,x) h ldj^^(^^^^){p,rA{x)) 
or in the form of a variant for x and y not assumed to be necessarily equal: 

X : A, y: A, p,q : ldA{x,y) h ldii^(^^^y){p,q) 

Counter to the principle, put forward by Martin-L6f, that a type is determined by its 
canonical object, the model of the identity type constructed by Hofmann & Streicher 
contains more than one canonical object, and therefore the UIP does not hold. Although 
this is sharp contrast with the theory of meaning for type theory as developed mainly 
by Martin-Lof, Prawitz and Dummett, it is in perfect agreement with an alternative 
theory of meaning based on reduction rules as meaning-giving which we have been 
advocating for some time now ||29l |30l EU gl] |42l |32l [33l [34 35 36J. 

Elimination rules and the general principles of equality. Another aspect of Martin- 
Lof's formulation of identity types which has posed difficulties in understanding the 
notion of normal proofs of equality statements is the framing of elimination rules for 
identity types as something of the following sort: Id-elimination 

[x:A] [x:A,y:A,z:ldA{x,y)] 

a: A b:A C:IdA{a,b) d{x):C{x,x,r{x)) C(x,y,z)type 

3{c,d) :C{a,b,c) 

together with the conversion rule: Id-conversion 

[x : A] [x : A,y : A,z ■.ldA{x,y)] 

a : A d(x) : C{x, x, r{x)) C{x, y, z) type 



J(r(a), d(a;)) = d{a/x) : C(a,a, r(a)) 

To the elimination operator 'J' it is sometimes associated the definition of the usual 
properties of the equality relation: 



"Surprisingly enough, the J-eliminator is sufficient for constructing terms 
refl, symm, trans and subst inhabiting the types corresponding to the propo- 
sitions expressing reflexivity, symmetry, transitivity and replacement." liT2ll 



Same as in 1131 : 

"The elimination operator J is motivated by the view of Id{A, _, _) as an 
inductively defined family with with constructor refl. Accordingly, J per- 
mits one to define an object of type (ai, a2 : A){s : Id{A, ai,a2)C{ai, 02, s) 
by prescribing its behaviour for arguments of canonical form, i.e. ai = 

02 = a and s = refl{A, a). 

In the presence of Il-sets, this elimination operation J allows one to derive 
the following replacement rule in the presence of Il-sets. 

subst : {A : Set){P : (a : A)Set){ai,a2 : A){s : W(ai,a2))P(ai) -^ P{a2) 

satisfying 

subst{refl{a),p) =p" 

Nevertheless, in Martin-Lof 's type theory the general properties of equality are given 
at the level of definitional equality, independently of the J elimination operator for 
identity types. Moreover, as soon as the formulation of the rules for the identity types 
take into account the aforementioned "missing entity", and thus the existential force of 
propositional equality, the existence of proofs of transitivity and symmetry for propo- 
sitional equality follow from the application of the rules. Our formulation would be as 
in: 

Id-elimination 

[x^ty- A] 

c:ldAix,y) d{t):C 



Jic,td{t)) : C 

(where t is an abstraction over the variable 'i') with the following conversion rule: 
Id-conversion 

a —s h : A [a ~t b : A\ 

-Id-intro 



s{a, b) : ldA{a, b) d{t) : C ^^ ,. a=sb:A 

—^ ^ ; —^ Id-elim i>s ,/ , N ^ 

J{sia,b),td{t)):C ^ d{s/t):C 

giving us the equality: 

3{s{a,b),td{t)) ^p d{s/t) 

With this formulation, we can see that it is by virtue of the elimination rule com- 
bined with the general rules of equality on the level of judgements that one can prove 
transitivity and symmetry for propositional equality: 



Construction 1.1 (invA) 

[x =ty:A] 



y =a{t) X : A 



[c{x,y) : IdAJx.y)] {a{t)){y,x) : ldA{y,x) 

J{c{x,y),{a{i)){y,x)) : ldA{y,x) 

Xc.J{c{x,y),{a{t)){y,x)) : ldA{x,y) -> ldA{y,x) 

Xy.Xc.J{c{x, y), {(j{i)){y, x)) : Uy : A.jldAJx, y) -^ IdAJy, x)) 

Xx.Xy.Xc.J{c{x,y),{a{t)){y,x)) : Ux : A.Uy : A.{ldA{x,y) -^ ldA{y,x)) 

where a is the symmetry operator introduced by the general rule of symmetry given as 
part of the definition of equality on the lefthand side. 

Construction 1.2 (cmpA) 

lw = ty:A] [y = ^z:A] 

ls(y,^):IdA(y,z}] (x(t ,..)) (x ,z),Id^lT:7J 

ly,(m,yy.Idji(m,y-)] J(3(a, z) ,u(T(t ,^))(a;, Ji));ld^ (x, z) 



As.J(m(x,y),tJ(»(y,z),u(T(t,ii))(x,z))):(ld4(B,z)->Id4(x,z)) 

Am.As.J(m(x,y),tJ(a(y,z),u(T(t,u))(x,z))):(ld4(x,i;)->(Id4(B,z)^Id4(x,z))) 

A^.Am.As.J(m(x,y),tJ(s(i;,z),u(T(f,u))(x,^))):nz:A.(Id^(x,y)-»(Id^(y,z)->Id^(x,z))) 

Ay.Az.Am.A3.J(u)(x,y),tJ(a(y,z),ti(T(t,u))(x,z))):nyiA.nz:y<.(ld^(x,y)^(ld^(y,z)-»Id^(x,z))) 

Xx.Xy.\z.Xw.\s.3(w{x,y),t3(s{y,z),u{T{t,u)){x,z))):nx-.A.ny-.A.Uz:A.(ldA{x,y)^f{IdA{y,z)^IdA{x,z))) 

The final proof terms above are called, respectively, invA and crap a by Streicher ll48l : 
"Using J one can define operations 

cmpA G (nx,2/, z : A)ldA{x,y) -^ ldA{y,z) -^ Id^(a;,z) 
invA e (na;, y : A)ldA{x, y) -^ Id^(2/, a;) " 

Tlie groupoid laws. It so happens that the existence of cmpA and invA validates 
the following groupoid laws as pointed out in Streicher's talk at the aforementioned 
workshop "Identity Types vs. Weak w-Groupoids - Some Ideas and Problems" f^Sl: 

(a) {J].x,y,z,u: A) 

(n/ : ldA{x,y)){ng : Id^(y, z))(n/i : ldA{z,u)) 

T-didAix,u){cmpA{f,cmpA{g,h)),cmpA{cmpA{f,9),h)) 
(6) (nx,y : A)ldii^^^^y){cmpA{r{x), f), f) A ldii^^y^^i{cmpA{g,r{y)), g) 
(c) {Ux,y:A){nf:ldA{x,y)) 

T-didA{x,x){cmpA{f,invA{f)),r{x)) Aldj^^(^y^y){cmpA{invA{f), f),r{y)) 

This makes type A an internal groupoid where the groupoid equations hold only in 
the sense of propositional equality. Indeed, via the reduction rules defined over the 
terms corresponding to equality proofs, one can see that the laws are validated. Just 
to motivate the reductions between proofs of equality, let us recall that the rule of 
symmetry is the only rule which changes the direction of an equation. So, its use must 
be controlled. Here we give two reductions over proofs of equality which are related 
to such a need for controlling the use of symmetry. (The rewriting system with all 
reductions between terms of identity types is given in Definition l3.21l ) 



Definition 1.3 (reductions involving p and a) 



'p 



X =r y '■ A 



V^ a't* *^ — " O "^ • -^^ 



y =^(r) x: A _ . A 



X =<T(<j(r)) y ■ A 

Associated rewritings: 

<t{p) t>sr P 

cr{a{r)) \>ss r 

By applying the rule of propositional equality to the level of Idid^(a;,2:) we can get: 

X ^^n X '. A 



X =a{p) X : A x^px: A 



(cr(p))(x) : Id^(x,x) p(a;) : Id^lx, x) 

i.e., '((t(/9))(x)' and 'pixy are two equal proofs of Id^(a;, a;). So, 

cr(p) ^sr P ■ ldA{x,x) 

{sr){a{p),p) : IdM^(^^^)(cr(p), p) 
And similarly: 

X =r y '■ A 



y —air) 



X : A 



X =(T(<T(r)) y ■ A X =ry ■■ A 



{a{a{r))){x,y) : ldAix,y) r{x,y) : ldAix,y) 

Thus: 

cr(cr(r)) =ss r : ldA(x,y) 



(ss)(cr(cr(r)),r) : IdM^(^^j,)(cr(cr(r)), r) 

Similarly, the transitivity operation on proofs of equality brings us the following 
reductions: 

Definition 1.4 (t and r) 

X —t y : A y ~r w : A 



X =^(t r\ W 



T(t,r) 



: A w —^ z : A 



X —T(T(t,r),s) z • A 



y ^^. w : A w =s z : A 

X^ty ■■ A y =r(r,s) z ■■ A 

>tt 



X —T{t,T(r,s)) z : A 

Associated rewriting: 

T{T{t,r),s) \>ttT(t,T{r,s)) 



So, 

X =ty ■ A y ^r w : A 



Thus 



X =^(t J.) w : A w —s z : A 

{T{T{t,r),s)){x,z) : ldAix,z) 

y —r w : A w —s z : A 

x^ty ■■ A y =r(r,s) z : A 

^ =T{t,T{r,s)) z : A 

{T{t,T{r,s))){x,z) : ldA{x,z) 

T{T{t,r),s) ^tt T{t,T{r,s)) : Id^(a;,z) 

{tt){T{T{t, r),s),T{t, T{r, s))) : IdM^(^,^)(r(T(t, r), s), r(t, T{r, s))) 

Notice that, although the type Idjd^(j;_2) (r(T(i, r), s),r(i,r(r, s))) is inhabited, 
i.e. there is a proof-term of that type, this does not pressupose that, seeing t, r, s as 
functions, to[ros) = {tor)os. This is similar to Hofmann-Streicher's statement on 
Proposition 4. 1 of Qll : 

"If oi, 02, as, 04 : A and si : Id^(ai,a2) and S2 ■ Id^(a2,a3) and 
S3 : IdA(a3,a4) then 

trans{s^, {trans{s2, Si)) =prop trans{trans{s3, S2), Si)" 

(where 'si =prop S2' meant that the type ldidAiai,a2){^ij ^2) was inhabited). Notice 
again that it was not required that S3 o (s2 o si) = (S3 o S2) o si. 
The same observation is made by Warren lISTI : 

"For example, given terms / of type ldA{a, b) and g of type ldA{b, c), 
there exists a "composite" (g • /) of type Id^(a. c). However, this compo- 
sition and the identities mentioned above fail to satisfy the actual category 
axioms "on-the-nose", but only up to the existence of terms of further 
"higher-dimensional" identity types. Thus, given / and g as above to- 
gether with a further term h of type IdA (c, d), the type 

idid^(a,d)(^- {g- I)-,{h-g)- f) 

is inhabited; but it is not in general the case that h ■ [g ■ J) — {h ■ g) ■ /." 

The fact that the structure brought about by identity types satisfy the groupoid laws, but 
only 'at the propositional equality', is also highlighted by Steve Awodey in his recent 
survey: 

"In the intensional theory, each type A is thus endowed by the identity 
types Idyi(a, &) with a non-trivial structure. Indeed, this structure was 
observed by Hofmann and Streicher in [HS98] to satisfy conditions anal- 
ogous to the familiar laws for groupoids. Specifically, the posited refex- 
ivity of propositional equality produces identity proofs r(a) : Id^(a, a) 



for any term a : A, playing the role of a unit arrow la for a; and when 
/ : IdA(a, h) is an identity proof, then (corresponding to the symmetry 
of identity) there also exists a proof /^^ : Id^(6, a), to be thought of 
as the inverse of /; finally, when / : Id^(a, 6) and g : Id^(6, c) are 
identity proofs, then (corresponding to transitivity) there is a new proof 
g o f : ldA{a, c), thought of as the composite of / and g. Moreover, this 
structure on each type A can be shown to satisfy the usual groupoid laws, 
but significantly, only up to prepositional equality." |3l 

In what follows we will spell out a refinement of the approach to propositional 
equality which was presented in a previous paper on the functional interpretation of 
direct computations ||43|. The intention, as already put forward above, is to offer a for- 
mulation of a proof theory for propositional equality very much in the style of identity 
types which, besides being a reformulation of Martin-Lof 's own intensional identity 
types into one which dissolves what we see as a false dichotomy, turns out to vali- 
date the groupoid laws as uncovered by Hofmann & Streicher as well as to refute the 
principle of uniqueness of identity proofs. 

The main point of this paper is to establish a bridge from the approach to proposi- 
tional equality that we have been developing since the early 1990's to the one put for- 
ward by the Hofmann-Streicher-Voevodsky-Awodey tradition. This is useful because, 
in spite of the differences in details, the approaches seem to have arrived at similar con- 
clusions: elements of the identity type are paths/sequences-of-rewrites from an object 
to another object of a certain type, which gives rise to all these exciting connections 
to homotopy. The aim is not to make a formal comparison of the two approaches, but 
rather to explore both the similarities and the differences between them, and at the same 
time expose the interesting convergence of groundbreaking conclusions with respect to 
the connections between type theory and homotopy theory. 

2 Normal form for proofs of equality 

The clarification of the notion of normal form for equaUty reasoning took an impor- 
tant step with the work of Statman in the late 1970's f^S", "471. The concept of direct 
computation was instrumental in the development of Statman's approach. By way of 
motivation, let us take a simple example from the A-calculus. 

{\x.{Xy.yx){\w.zw))v >,, {\x.(\y.yx)z)v >^ {\y.yv)z [>^ zv 
{\x.{\y.yx){\w.zw))v >/3 {\x.{\w.zw)x)v >,, {\x.zx)v [>^ zv 
{\x.{Xy.yx){\w.zw))v >/3 {\x.(\'w.zw)x)v >;3 {\w.zw)v >^ zv 

There is at least one sequence of conversions, i.e. one computational path, from the 
initial term to the final term. (In this case we have given three!) Thus, in the formal 
theory of A-calculus, the term {Xx .{Xy .yx){Xw .z'w))v is declared to be equal to zv. 
Now, some natural questions arise: 

1 . Are the sequences/paths themselves normall 

2. Are there non-normal sequences/paths? 
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3. If yes, how are the latter to be identified and (possibly) normalized? 

4. What happens if general rules of equality are involved? 

Of course, if one considers only the /3-contractions, the traditional choice is for the 
so-called outermost and leftmost reduction Mllll . 

Nevertheless, we are interested in an approach to these questions that would be 
applicable both to A-calculus and to proofs in Gentzen's style Natural Deduction. As 
rightly pointed out by Le Chenadec in |8 1, the notion of normal proof has been some- 
what neglected by the systems of equational logic: "In proof-theory, since the origi- 
nal work of Gentzen (1969) on sequent calculus, much work has been devoted to the 
normalization process of various logics, Prawitz (1965), Girard (1988). Such an anal- 
ysis was lacking in equational logic (the only exceptions we are aware of are Statman 
(1977), Kreisel and Tait (1961))." The works of Statman ||46l|47l and Le Chenadec 
£8 1 represent significant attempts to fill this gap. Statman studies proof transformations 
for the equational calculus E of Kreisel-Tait ifTSl . Le Chenadec defines an equational 
proof system (the LE system) and gives a normaUzation procedure. 

What is a proof of an equality statement? The so-called Brouwer-Heyting-Kolmogorov 
Interpretation defines logical connectives by taking proof, rather than truth-values, as a 
primitive notion: 

a proof of the proposition: is given by: 

A A B a proof of A and a proof of B 

AV B a proof of A or a proof of B 

A ^ B a function that turns a proof of A into a proof of B 

\/x^ ■P{x) a function that turns an element a into a proof of P{a) 

3x^ ■P{x) an element a (witness) and a proof of P{a) 

Based on the Curry-Howard functional interpretation of logical connectives, one can 
formulate the BHK-interpretation in formal terms as following: 

a proof of the proposition: has the canonical form of: 

A /\ B {p, q) where p is a proof of A and 5 is a proof of B 

Ay B i{p) where p is a proof of A or i{q) where g is a proof of B 

{'i' and 'j' abbreviate 'into the left/right disjunct') 
A -^ B \x.h{x) where b{p) is a proof of B 

provided p is a proof of A 
\lx^.B{x) Ax.f{x) where /(a) is aproof of i?(a) 

provided a is an arbitrary individual chosen 

from the domain A 
3x"^.B{x) sx.{f{x), a) where a is a witness 

from the domain A, f{a) is a proof of B{a) 

(The term 'ex.{f{x), a)' is framed so as to formalise the notion of a function carrying 
its own argument ll38l .) 

A question remains, however: 
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What is a proof of an equality statement? 

An answer to such a question will help us extend the BHK-interpretation with an ex- 
planation of what is a proof of an equality statement: 

a proof of the proposition: is given by: 

tl=t2 ? 

(Perhaps a sequence of rewrites 
starting from ti and ending in t2?) 

Two related questions naturally arise: 

1 . What is the logical status of the symbol "— "? 

2. What would be a canonical/direct proof of ti =1^1 

In a previous work 11441 we have tried to show how the framework of labelled nat- 
ural deduction can help us formulate a proof theory for the "logical connective" of 
propositional equality^ The connective is meant to be used in reasoning about equality 
between referents (i.e. the terms alongside formulas/types), as well as with a general 
notion of substitution which is needed for the characterization of the so-called term 
declaration logics |2l. 

In order to account for the distinction between the equalities that are: 

definitional, i.e. those equalities that are given as rewrite rules (equations), orelse 
originate from general functional principles (e.g. /3, -q, etc.), 

and those that are: 

propositional, i.e. the equalities that are supported (or otherwise) by an evidence 
(a composition of rewrites), 

we need to provide for an equality sign as a symbol for rewrite (i.e. as part of the func- 
tional calculus on the terms), and an equality sign as a symbol for a relation between 
referents (i.e. as part of the logical calculus on the formulas/types). 

Single steps of reduction come from definitional equalities, and those single steps 
can be composed leading to sequences of rewrites, which can then turned into a propo- 
sitional equality. It helps to remember that in "i : A'\ the logical interpretation is that 
"f ' is a (functional) term, and "A" is a statement. So, the equality is propositional 
when it is a statement, i.e., in "q : Id", "Id" is a statement which is supported by the 
term "g" (which, in its turn, can be an equational term like "a —s b"). So, while "g" 
will carry definitional content (be it single or composed), "Id" will carry propositional 
content. 



^An old question is in order here: what is a logical connective? We shall take it that from the point 
of view of proof theory (natural deduction style) a logical connective is whatever logical symbol which is 
analysable into rules of introduction and elimination. 
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Definitional equalities. Let us recall from the theory of A-calculus, that: 

Definition 2.1 ( lUTI . (Definition 6.2 and Notation 7.1)) The formal theory ofXp-q equal- 
ity has the following axioms: 



{a) Xx.M ^ \y.[y/x\M 

1/3) {Xx.M)N = [N/x]M 

{ri) \\x.Mx) = M 

Ip) M ^ M 



(r) 



(y i FV(M)) 
(x ^ FV{M)) 



and the following ir 


iference rules: 


(m) 


M = M' 
NM = NM' 


(^) 


M = M' 


MN = M'N 


iO 


M = M' 
Xx.M = Xx.M' 


(n 


Mx = Nx 



M ^ N 



N = P 



M ^P 

M ^ N 



N = M 



M = N 
In Martin-Lof's type theory the axioms are introduced as: 



ifx i FV{MN) 



iv) 



[x:A] 
N : A M : B 



{Xx.M)N = M[N/x] : B 








M : {Hx : A)B 
[Xx.Mx) = M : {Wx ; A)B ^"^ 


i FV{M)) 






M -.A 








M = M : A 




M^M' -.A N -.{nx: A)B 
NM = NM' : B 




(r) 


M^N -.A N = P:A 
M^P:A 


N : A M = M' : {Wx : A)B 
MN = M'N : B 




(^) 


M = N : A 
N = M -.A 


[x:A] 
M = M' : B 









Xx.M = Xx.M' : (Ux : A)B 



Propositional equality. Again, let us recall from the formal theory of A-calculus, 
that: 
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Definition 1.37 (^-equality) fTTl 

We say that P is /3-equal or /3-convertible to Q (notation P =^ Q) iff Q 
can be obtained from P by a finite (perhaps empty) series of /3-contractions 
and reversed /3-contractions and changes of bound variables. That is, 
P =13 Q iff there exist Pq^ . . . ,Pn{n>Q) such that 

{\/i>n- l){Pi i>i^ P,+i or P,+i i>i^ Pi or P, ee„ P,+^). 

Pq = P, Pn = Q- 

NB: equality with an existential force. 
The same happens with A/i^Ty-equality: 

Definition 7.5 (A^ry-equality) flT] 

The equality-relation determined by the theory X/3ri is called =i3ri', that is, 

we define 

M =p^ N ^ XPr]\- M = N. 

Note again that two terms are A/Syy-equal if tliere exists a proof of their equality in the 
theory of A/?ry-equality. 

Remark 2.2 In setting up a set of Gentzen 's ND-style rules for equality we need to 
account for: 

1. the dichotomy definitional versus propositional equality; 

2. there may be more than one novmal proof of a certain equality statement; 

3. given a (possibly non-normal) proof the process of bringing it to a normal form 
should be finite and confluent. 

Tlie missing entity. Within the framework of the functional interpretation [a la Curry- 
Howard lfT4ll ). the definitional equality is often considered by reference to a judgement 
of the form: 

a = b: A 

which says that a and b are equal elements from domain or type A. Notice that the 
'reason' why they are equal does not play any part in the judgement. This aspect of 
'forgetting contextual information' is, one might say, the first step towards 'extension- 
ality' of equality, for whenever one wants to introduce intensionality into a logical 
system one invariably needs to introduce information of a 'contextual' nature, such as, 
where the identification of two terms (i.e. equation) comes from. 

We feel that a first step towards finding an alternative formulation of the proof the- 
ory for propositional equality which takes care of the intensional aspect is to allow the 
'reason' for the equality to play a more significant part in the form of judgement. We 
also believe that from the point of view of the logical calculus, if there is a 'reason' 
for two expressions to be considered equal, the proposition asserting their equality will 
be true, regardless of what particular composition of rewrites (definitional equalities) 
amounts to the evidence in support of the proposition concerned. Given these general 
guidelines, we shall provide what may be seen as a middle ground solution between 
the intensional lfT9l[T8]| and the extensional II20II accounts of Martin-Lof's propositional 



13 



equality. The intensionality is taken care by the functional calculus on the labels, while 
the extensionality is catered by the logical calculus on the formulas. In order to ac- 
count for the intensionality in the labels, we shall make the composition of rewrites 
(definitional equalities) appear as indexes of the equality sign in the judgement with a 
variable denoting a sequence of equality identifiers (we have seen that in the Curry- 
Howard functional interpretation there are at least four 'natural' equality identifiers: /3, 
r], ^ and /i). So, instead of the form above, we shall have the following pattern for the 
equality judgement: 

a =s b : A 

where 's' is meant to be a sequence of equality identifiers. 

In the sequel we shall be discussing in some detail the need to identify the kind of 
definitional equality, as well as the need to have a logical connective of 'propositional 
equality' in order to be able to reason about the functional objects (those to the left 
hand side of the ':' sign). 

Term rewriting. Deductive systems based on the Curry-Howard isomorphism lfT4l 
have an interesting feature: normalization and strong normalization (Church-Rosser 
property) theorems can be proved by reductions on the terms of the functional calculus. 
Exploring this important characteristic, we have proved these theorems for the Labelled 
Natural Deduction - LND ||40l |45l via a term rewriting system constructed from the 
LA©-terms of the functional calculus f25\. Applying this same technique to the LND 
equational fragment, we obtain the normalization theorems for the equational logic of 
the Labelled Natural Deduction System Il24l |26l |27ll . 

This technique is used given the possibility of defining two measures of redundancy 
for the LND system that can be dealt with in the object level: the terms on the functional 
calculus and the rewrite reason (composition of rewrites), the latter being indexes of 
the equations in the LND equational fragment. 

In the LND equational logic li37J . the equations have the following pattern: 

a =sb : A 

where one is to read: a is equal to h because of 's' ('s' being the rewrite reason); 's' is 
a term denoting a sequence of equality identifiers (/3, r], a, etc.), i.e. a composition of 
rewrites. In other words, 's' denotes the computational path from a to h. 

In this way, the rewrite reason (reason, for short) represents an orthogonal mea- 
sure of redundancy for the LND, which makes the LND equational fragment an "en- 
riched" system of equational logic. Unlike the traditional equational logic systems, in 
LND equational fragment there is a gain in local control by the use of reason. All the 
proof steps are recorded in the composition of rewrites (reasons). Thus, consulting the 
reasons, one should be able to see whether the proof has the normal form. We have then 
used this powerful mechanism of controlling proofs to present a precise normalization 
procedure for the LND equational fragment. Since the reasons can be dealt with in the 
object level, we can employ a computational method to prove the normalization theo- 
rems: we built a term rewriting system based on an algebraic calculus on the ''rewrite 
reasons", which compute normal proofs. With this we believe we are making a step 
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towards filling a gap in the literature on equational logic and on proof theory (natural 
deduction). 

Kreisel-Tait's system. In ifTSl Kreisel and Tait define the system E for equality rea- 
soning as consisting of axioms of the form t — t, and the following rules of inference: 



(El) 



E[t/x] t = 1 
E[u/x] 

s{t) = s{u) 
t = u 



{E3) --^ for any formula A 

t — s^Ht) 
(i?4„) —--— for any formula A 

where t and u are terms, '0' is the first natural number (zero), 's(-)' is the successor 
function. 

Statman's normal form theorem. In order to prove the normaUzation results for the 
calculus E Statman defines two subsets of E: (i) a natural deduction based calculus for 
equality reasoning NE; (ii) a sequent style calculus SE. 

The NE calculus is defined as having axioms of the form a = a, and the rule of 
substituting equals for equals: 

E[a/u\ a !v b 



E[b/u] 

where E is any set of equations, and a w 5 is ambiguously a ~ b and b ^ a. 

Statman arrives at various important results on normal forms and bounds for proof 
search in NE. In this case, however, a rather different notion of normal form is being 
used: the 'cuts' do not arise out of an inversion principle, as it is the case for the 
logical connectives, but rather from a certain form of sequence of equations which 
Statman calls computation, and whose normal form is called direct computation. With 
the formulation of a proof theory for the 'logical connective' of propositional equality 
we wish to analyse equality reasoning into its basic components: rewrites, on the one 
hand, and statements about the existence of rewrites, on the other hand. This type of 
analysis came to the surface in the context of constructive type theory and the Curry- 
Howard functional interpretation. 

Martin-L6f 's Identity type. There has been essentially two approaches to the prob- 
lem of characterizing a proof theory for propositional equality, both of which originate 
in P. Martin-Lof's work on Intuitionistic Type Theory: the intensional |19| and the 
extensional ll20ll2Ti formulations. 
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The extensional version. In his ll20l and 1211 presentations of Intuitionistic Type 
Theory P. Martin-L6f defines the type of ejcfeni/ona/ prepositional equahty 'Id' (here 
called 'Id^^*') as: 

16.'^^^ -formation 



Id. -introduction 



A type 


a: A b : A 


Id 


T\a,b)type 




a = b : A 


r 


: ldfj=\a,b) 


c 


■.ld'f{a,b) 




a = b : A 


c 


■.IdT\a,b) 



lA*^^*- -elimination^ 



16!^^*- -equality 

c: I. 
c = r: Id5^*(a,&) 

Note that the above account of propositional equality does not 'keep track of all 
proof steps': both in the 16!^^^ -introduction and in the Id!^^*^ -elimination rules there is 
a considerable loss of information concerning the deduction steps. While in the Id^^*- 
introduction rale the 'a' and the '6' do not appear in the 'trace' (the label/term alongside 
the logical formula/type), the latter containing only the canonical element 'r', in the 
rule of W^^* -elimination all the trace that might be recorded in the term 'c' simply 
disappears from label of the conclusion. If by 'intensionality' we understand a feature 
of a logical system which identifies as paramount the concern with issues of context 
and provability, then it is quite clear that any logical system containing Id'^^*-type can 
hardly be said to be 'intensional': as we have said above, neither its introduction rule 
nor its elimination rule carry the necessary contextual information from the premise to 
the conclusion. 

The intensional version. Another version of the propositional equality, which has 
its origins in Martin-Lof's early accounts of Intuitionistic Type Theory lfT8l [T9l. and is 
apparently in the most recent, as yet unpublished, versions of type theory, is defined 
in 1491 and l23l . In a section dedicated to the intensional vs. extensional debate, 
(p.633) says that: 

"Martin-Lof has returned to an intensional point of view, as in Martin- 
Lof (1975), that is to say, t — t' 6 A is understood as "t and t' are 
definitionally equal". As a consequence the rules for identity types have 
to be adapted." 



^The set ofiijles given in |20| contained tlie additional elimination rule: 

c:Idf"(a, b) d:C{T/z) 
J(c,d) : C(c/z) 
which may be seen as reminiscent of the previous intensional account of propositional equality 1191 . 
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If we try to combine the existing accounts of the intensional equality type 'Id^' ||T9l 
, here denoted 'Id*"*', the rules will look like: 



A type a: A b : A 



Id™* -formation 



Id -introduction 



Id^"*(a,6)iype 



a: A a = b : A 



r (a) : Id^* (a, a) r (a) : Id^* (a, b) 

Id™* -elimination 

[x:A] [x:A,y:A,z:IdJ^*{x,y)] 

a : A b : A C:IdT*(a, 6) d{x):C(x,x,r{x)) C(x,y,z)type 



3{c,d):C{a,b,c) 



Id™* -equality 



[x:A] [x:A,y:A,z:ld'f{x,v)] 



a : A d{x) : C{x, x, r(a;)) G{x, y, z) type 

J(r(a),(i(a;)) =d{a/x) : C(a,a, r(a)) 

With slight differences in notation, the 'adapted' rules for identity type given in ll49l 
and 1231 resembles the one given in 1 19|. It is called intensional equality because there 
remains no direct connection between judgements like 'a = b : A' and 'c : ld™*{a,by. 



will be a little more elaborate than the extensional Id^^*-type, and simpler than the in- 
tensional Id^*-type, could prove more convenient from the point of view of the 'log- 



A labelled proof theory for propositional equality. Now, it seems that an alterna- 
tive formulation of propositional equality within the functional interpretation, which 

ical interpretation' . It seems that whereas in the former we have a considerable loss 
of information in the Id'^^* -elimination, in the sense that propositional equaUty and 
definitional equality are collapsed into one, in the latter we have an Id™* -elimination 
too heavily loaded with (perhaps unnecessary) information. If, on the one hand, there 
is an overexplicitation of information in Id"'*, on the other hand, in Id*^^* we have 
a case of wniierexplicitation. With the formulation of a proof theory for equality via 
labelled natural deduction we wish to find a middle ground solution between those two 
extremes. 



3 Labelled deduction 

The functional interpretation of logical connectives via deductive systems which use 
some sort of labelling mechanism lISTl |9l \}U\ can be seen as the basis for a general 
framework characterizing logics via a clear separation between a functional calculus 
on the labels, i.e. the referents (names of individuals, expressions denoting the record 
of proof steps used to arrive at a certain formula, names of 'worlds', etc.) and a logical 
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calculus on the formulas. The key idea is to make these two dimensions as harmonious 
as possible, i.e. that the functional calculus on the labels matches the logical calculus 
on the formulas at least in the sense that to every abstraction on the variables of the 
functional calculus there corresponds a discharge of an assumption-formula of the log- 
ical calculus. One aspect of such interpretation which stirred much discussion in the 
literature of the past ten years or so, especially in connection with Intuitionistic Type 
Theory ||2TI . was that of whether the logical connective of propositional equality ought 
to be dealt with 'extensionally' or 'intensionally'. Here we attempt to formulate what 
appears to be a middle ground solution, in the sense that the intensional aspect is dealt 
with in the functional calculus on the labels, whereas the extensionality is kept to the 
logical calculus. We also intend to demonstrate that the connective of propositional 
equality (cf. Aczel's |[T1 'Id') needs to be dealt with in a similar manner to 'Skolem- 
type' connectives (such as disjunction and existential quantification), where notions 
like hiding, choice and dependent variables play crucial roles. 

3.1 Identifiers for (compositions of) equalities 

In the functional interpretation, where a functional calculus on the labels go hand in 
hand with a logical calculus on the formulas, we have a classification of equalities, 
whose identifications are carried along as part of the deduction: either /3-, 77-, ^-, /i- or 
a- equality will have been part of an expression labelling a formula containing 'Id'. 
There one finds the key to the idea of 'hiding' in the introduction rule, and opening 
local (Skolem-type) assumptions in the elimination rule. (Recall that in the case of 
disjunction we also have alternatives: either into the left disjunct, or into the right 
disjunct.) So, we believe that it is not unreasonable to start off the formalization of 
propositional equality with the parallel to the disjunction and existential cases in mind. 
Only, the witness of the type of propositional equality are not the 'a's and '6's of 
'a = b : A\ but the actual (sequence of) equalities (/?-, 77-, ^-, a-) that might have been 
used to arrive at the judgement 'a =s b : A' (meaning 'a = &' because of 's'), 's' being 
a sequence made up of (3-, 77-, ^- and/or a-equalities, perhaps with some of the general 
equality rules of reflexivity, symmetry and transitivity. So, in the introduction rule of 
the type we need to form the canonical proof as if we were hiding the actual sequence. 
Also, in the rule of elimination we need to open a new local assumption introducing a 
new variable denoting a possible sequence as a (Skolem-type) new constant. That is, 
in order to eliminate the connective 'Id^' (i.e. to deduce something from a proposition 
like 'Idyl (a, b)'), we start by choosing a new variable to denote the reason why the 
two terms are equal: 'let t be an expression (sequence of equalities) justifying the 
equality between the terms' . If we then arrive at an arbitrary formula 'C labelled with 
an expression where the t still occurs free, then we can conclude that the same C can 
be obtained from the Id-formula regardless of the identity of the chosen t, meaning 
that the label alongside C in the conclusion will have been abstracted from the free 
occurrences of t. 

Observe that now we are still able to 'keep track' of all proof steps (which does not 
happen with Martin-Lof's Id^*-type) 1201 I2TI . and we have an easier formulation (as 
compared with Martin-Lof's Id™*-type) |fT9l of how to perform the elimination step. 
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3.2 The proof rules 

In formulating the propositional equality connective, which we shall identify by 'Id', 
we shall keep the pattern of inference rules essentially the same as the one used for 
the other logical connectives (as in, e.g. |38|), and we shall provide an alternative 
presentation of propositional equality as follows: 

Id-formation 

A type a: A b : A 

Idyl (a, b) type 

Id-introduction 

a =s b : A a =s b : A a =t b : A s =z t : Idyi(a, 6) 

s{a, b) : ldA{a, b) s{a, b) =^(2) t{a, b) : Idyi(a, b) 

(Notice that the ^ rule for Id^i has an extra hypothesis, which, though apparently cir- 
cular, is concerned with making sure that not all sequences of rewrites from a to & are 
definitionally equal: in order to be declared ^-equal, two sequences need to be equal 
from some other reason.) 

Id- elimination 

[a=tb: A] [a^tb: A] 

p : Idyl (a, b) d{t) : C p ^r Q ■ Idyi(a, b) d{t) : C 



J(p, tdit)) : C J(p, tdit)) =^(,) J(5, tdit)) : C 

Id-reduction 

a^sb:A [a^tb:A] 

-Id-mtr 



s{a, b) : ldA{a, b) d(t) : C ^^ ,. a=sb: A 

-^ ^ -, ^^ Id-elim >« , , ^ „ 

J{sia,b),td{t)):C ^ d{s/t):C 

giving rise to the equality 

J{s{a,b),td{t)) ^fi d{s/t) : C 

Id-induction 

[a^tb: A] 

I JN ~i — r; 1 — Tz^d-intr 

e:IdA(a, 6) t(a, 6) : Id^ia, 6) 

^ — ; ^ ^ Id-elim t>„ e : Id/i(a, 0) 

J(e,tt(a,6)):Id^(a,6) ^ ^ ' ' 

giving rise to the equality 

3{e,tt{a,b)) =^ e : Idyi(a, &) 

where ' '' is an abstractor which binds the occurrences of the (new) variable 'i' intro- 
duced with the local assumption '[a =t b : A]' as a kind of 'Skolem'-type constant 
denoting the (presumed) 'reason' why 'a' was assumed to be equal to '6'. (Recall 
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the Skolem-type procedures of introducing new local assumptions in order to allow 
for the elimination of logical connectives where the notion of 'hiding' is crucial, e.g. 
disjunction and existential quantifier - in |[38l .) 

Now, having been defined as a 'Skolem'-type connective, 'Id' needs to have a con- 
version stating the non-interference of the newly opened branch (the local assumption 
in the Id-elimination rule) with the main branch. Thus, we have; 

Id-(pemiutative) reduction 

[a=tb: A] [a =f 6 : A] 

e:ldAia,b) d{t) : C d{t) : C 

Jjejdjt)) :C e:ldA{a,b) w{d{t)):W'^ 

w{J{e,id(t))):W ^ ^'^ J{e,tw{d(t))) : W 

provided w does not disturb the existing dependencies in the term e (the main branch), 
i.e. provided that rule 'r' does not discharge any assumption on which 'Id^(a, 6)' 
depends. The corresponding (^-equality is: 

w{3{e,td{t))) ==(; J{e,tw{d{t))) 

The equality indicates that the operation w can be pushed inside the '-abstraction term, 
provided that it does not affect the dependencies of the term e. 

Since we are defining the logical connective 'Id' as a connective which deals with 
singular terms, where the 'witness' is supposed to be hidden, we shall not be using 
direct elimination like Martin-Lof 's Id'^^*^ -elimination. Instead, we shall be using the 
following Id-elimination: 

[a^tb: A] [a^tb: A] 

e : ldA{a, b) d{t) : C e^s f ■ IdA(a, b) d{t) : C 



J(e, tdit)) : C J(e, td{t)) =^., J(/, td{t)) : C 

The elimination rule involves the introduction of a new local assumption (and corre- 
sponding variable in the functional calculus), namely '[a =t 6 : A]' (where 'i' is the 
new variable) which is only discharged (and 't' bound) in the conclusion of the rule. 
The intuitive explanation would be given in the following lines. In order to eliminate 
the equality Id-connective, where one does not have access to the 'reason' (i.e. a se- 
quence of '/3', '?/', '^' or '<^' equalities) why the equality holds because 'Id' is supposed 
to be a connective dealing with singular terms (as are 'V' and '3'), in the first step one 
has to open a new local assumption supposing the equality holds because of, say 't' 
(a new variable). The new assumption then stands for 'let t be the unknown equality'. 
If a third (arbitrary) statement can be obtained from this new local assumption via an 
unspecified number of steps which does not involve any binding of the new variable 
'i', then one discharges the newly introduced local assumption binding the free occur- 
rences of the new variable in the label alongside the statement obtained, and concludes 
that that statement is to be labelled by the term 'J{e,td{t)y where the new variable 
(i.e. t) is bound by the '"-abstractor. 
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Another feature of the Id-connective which is worth noticing at this stage is the 
equaUty under '^' of all its elements (see second introduction rule). This does not mean 
that the labels serving as evidences for the Id-statement are all identical to a constant 
(cf. constant 'r' in Martin-Lof's Idej;i-type), but simply that if two (sequences of) 
equality are obtained as witnesses of the equality between, say 'a' and 'fe' of domain 
A, then they are taken to be equal under ^-equality. It would not seem unreasonable 
to think of the Id-connective of propositional equality as expressing the proposition 
which, whenever true, indicates that the two elements of the domain concerned are 
equal under some (unspecified, hidden) composition of definitional equalities. It is as 
if the proposition points to the existence of a term (witness) which depends on both 
elements and on the kind of equality judgements used to arrive at its proof. So, in 
the logical side, one forgets about what was the actual witness. Cf. the existential 
generalization: 

F{t) 
3x.F{x) 

where the actual witness is in fact 'abandoned'. Obviously, as we are interested in 
keeping track of relevant information introduced by each proof step, in labelled natural 
deduction system the witness is not abandoned, but is carried over as an unbounded 
name in the label of the corresponding conclusion formula. 

t : A fit) : F{t) 
£x.{f{x),t) : 3xA.F{x) 

Note, however, that it is carried along only in the functional side, the logical side not 
keeping any trace of it at all. 

Now, notice that if the functional calculus on the labels is to match the logical 
calculus on the formulas, than we must have the resulting label on the left of the 'i>/3' as 
/3-convertible to the concluding label on the right. So, we must have the convertibility 
equality: 

J(s(a,6),i(i(t)) =/3 d{s/t) : C 

The same holds for the 77-equality: 

J(e,tt(a, 6)) —rj e : Idyi(a, &) 

Parallel to the case of disjunction, where two different constructors distin- 
guish the two alternatives, namely 'z' and 'j', we here have any (sequence of) equality 
identifiers ('/3', '77', '^', '^', etc.) as constructors of proofs for the Id-connective. 
They are meant to denote the alternatives available. 

General rules of equality. Apart from the already mentioned 'constants' (identifiers) 
which compose the reasons for equality (i.e. the indexes to the equality on the func- 
tional calculus), it is reasonable to expect that the following rules are taken for granted: 
reflexivity, symmetry and transitivity. 
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Substitution without involving quantifiers. We know from logic programming, i.e. 
from the theory of unification, that substitution can take place even when no quanti- 
fier is involved. This is justified when, for some reason a certain referent can replace 
another under some condition for identifying the one with the other 

Now, what would be counterpart to such a 'quantifier-less' notion of substitution 
in a labelled natural deduction system. Without the appropriate means of handling 
equality (definitional and propositional) we would hardly be capable of finding such a 
counterpart. Having said all that, let us think of what we ought to do at a certain stage 
in a proof (deduction) where the following two premises would be at hand; 

a=gy: A and /(a) : P{a) 

We have that a and y are equal ('identifiable') under some arbitrary sequence of equal- 
ities (rewrites) which we name g. We also have that the predicate formula P{a) is 
labelled by a certain functional expression / which depends on a. Clearly, if a and 
y are 'identifiable', we would like to infer that P, being true of a, will also be true 
of y. So, we shall be happy in inferring (on the logical calculus) the formula P{y). 
Now, given that we ought to compose the label of the conclusion out of a composition 
of the labels of the premises, what label should we insert alongside P(y)? Perhaps 
various good answers could be given here, but we shall choose one which is in line 
with our 'keeping record of what (relevant) data was used in a deduction' . We have 
already stated how much importance we attach to names of individuals, names of for- 
mula instances, and of course, what kind of deduction was performed (i.e. what kind 
of connective was introduced or eliminated). In this section we have also insisted on 
the importance of, not only 'classifying' the equalities, but also having variables for 
the kinds of equalities that may be used in a deduction. Let us then formulate our rule 
of 'quantifier-less' substitution as: 

a=gy:A f{a) : Pja) 
g{a,y)-f{a):P{y) 

which could be explained in words as follows: if a and y are 'identifiable' due to a 
certain g, and /(a) is the evidence for P{a), then let the composition of g{a, y) (the 
label for the propositional equality between a and y) with /(a) (the evidence for P{a)) 
be the evidence for P{y). 

By having this extra rule of substitution added to the system of rules of inference, 
we are able to validate one half of the so-called 'Leibniz's law', namely: 

Vx-^Vy^.(ld^(x,y) ^ {P{x) ^ P{y))) 

Tlie LND equational fragment. As we already mentioned, in the LND equational 
logic, the equations have an index (the reason) which keeps all proof steps. The reasons 
is defined by the kind of rule used in the proof and the equational axioms (definitional 
equalities) of the system. The rules are divided into the following classes: (i) general 
rules; (ii) subterm substitution rule; (iii) ^- and /i-rules. 

Since the LND system is based on the Curry-Howard isomorphism L14|, terms 
represent proof constructions, thus proof transformations correspond to equalities be- 
tween terms. In this way, the LND equational logic can deal with equalities between 
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LND proofs. The proofs in the LND equational fragment which deals with equalities 
between deductions are built from the basic proof transformations for the LND system, 
given in I ffOl [38l |45l . These basic proof transformations form an equational system, 
composed by definitional equalities {fi, rj and Q. 

General rules. 

Deflnition 3.1 (equation) An equation in LNDeq is of the form: 

S ^—j' t ! yi 

where s and t are terms, r is the identifier for the rewrite reason, and A is the type 
(formula). 

Deflnition 3.2 (system of equations) A system of equations S is a set of equations: 

\Si ^^ Zi . J^l, . ■ • , Sji — j'n ^n • -^n J 

where ri is the rewrite reason identifier for the ith equation in S. 

Deflnition 3.3 (rewrite reason) Given a system of equations S and an equation s —r 
t : A, if S \- s ~r t '■ A, i.e. there is a deduction/computation of the equation starting 
from the equations in S, then the rewrite reason r is built up from: 

(i) the constants for rewrite reasons; { p, /3, r], C, }; 

(ii) the ri 's; 

using the substitution operations: 

(Hi) subL,' 

(iv) subR,- 

and the operations ft? r building new rewrite reasons; 

(v) a, T, C M- 

Deflnition 3.4 (general rules of equality) The general rules for equality (refiexivity, 
symmetry and transitivity) are defined as follows: 

refiexivity symmetry transitivity 

X : A X ^ty ■ A X ^tU ■ A y =u z : A 

X =p X : A y =^a{t) x : A x ^=T(t,u) ^ • A 
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The "subterm substitution" rule. Equational logic as usually presented has the fol- 
lowing inference rule of substitution: 

s = t 



s9 = te 
where 6' is a substitution. 

Note that the substitution 6 "appeared" in the conclusion of the rule. As rightly 
pointed out by Le Chenadec in ||8|, from the viewpoint of the sub formula property 
(objects in the conclusion of some inference should be subobjects of the premises), this 
rule is unsatisfactory. He then defines two rules: 

M = JV C[N] = M = C[N] N = 

C[M] = O M = C[0] 

where M, N and O are terms and the context C[_] is adopted in order to distinguish 
subterms. 

In II25I we have formulated an inference rule called "subterm substitution" which 
deals in a explicit way^ with substitutions. In fact, the LND Il40il45 1 can be seen as an 
enriched system which brings to the object language terms, and now substitutions. 

Definition 3.5 (subterm substitution) The rule of "subterm substitution " is framed 
as follows: 

X —r C[y\ : A y —a u : A' x =r w : A' C[w] —s u : A 



^ — subi.(r,s) L-[wJ '.A CpJ — subB(r,s) U I A 

where C is the context in which the subterm detached by '[ ]' appears and A' could 
be a subdomain of A, equal to A or disjoint to A. (C[u\ is the result of replacing all 
occurrences ofybyu in Cjj 

The symbols subL and suba denote in which side (L - left or R - right) is the 
premiss that contains the subterm to be substituted. 

Note that the transitivity rule previously defined can be seen as a special case for 
this rule when A' = A and the context C is empty. 



^ In |40 1 de Queiroz and Gabbay recall Girard. who describes the intimate connections between construc- 
tivity and explicitation, and claim that "...one of the aims of inserting a label alongside formulas (accounting 
for the steps made to arrive at each particular point in the deduction) is exactly that of making explicit the 
use of formulas (and instances of formulas and individuals) throughout a deduction ..." 

^We should like to thank an anonymous referee who pointed out the ambiguity which would remain in 
case this condition is not made clear. 
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The £,- and /i-rules. In the Curry-Howard "formulae-as-types" interpretation |[T4l . 
the ^-rulqj states when two canonical elements are equal, and the /i-rulcl states when 
two noncanonical elements are equal. So, each introduction rule for the LND system 
has associated to it a ^-rule and each elimination rule has a related /i-rule. For instance, 
the ^-rule and /x-rule for the connective A are defined as follows: 



{x,s) ^^(u,v) {y,t) : AAB 
X =r y '■ A A B X ~r y : A A B 



FST(a;) =^(,) FST(y) : A SND(x) =^(,) SND(y) : B 

Term rewriting system for LND with equaUty. In ["261 we have proved termination 
and confluence for the rewriting system arising out of the proof rules given for the 
proposed natural deduction system for equality. 

The idea is to analyse all possible occurrences of redundancies in proofs which 
involve the rules of rewriting, and the most obvious case is the nested application of the 
rule of symmetry. But there are a number of cases when the application of rewriting 
rules is redundant, but which is not immediately obvious that there is a redundancy. 
Take, for instance, the following case: 



Definition 3.6 (reductions involving r) 



X = 


=r y 


■ A j/=„(. 


r)X 


■.A 


y = 


X = 

--a(r) 


=r(r,,T(r)) X 

X : A X = 


:A 

ry 


■.A 


u 


y = 


■ A v^p 


A 

V : 


A 



u = 



T{r,p) 



V : A 



\^ff X p X '. -Tl 

>tsr y^py.A 

>trr U =r V : A 



^The 5-rule is the formal counterpart to Bishop's constructive principle of definition of a set |7| (page 2) 
which says: "To define a set we prescribe, at least implicitly, what we have (the constructing intelligence) 
must to do in order to construct an element of the set, and what we must do to show that two elements of the 
set are equal." Cf. also [7] (page 12) Bishop defines a product of set as "The cartesian product, or simply 
product, X = Xi X ... X Xn of sets Xi , X2 , ■ . ■ , Xn is defined to be the set of all ordered n-tuples 
(xi, . . . , Xn) and (j/i, . . . , y„) of X are equal if the coordinates Xi and yi are equal for each i." See also 
1211 (p. 8): "... a set A is defined by prescribing how a canonical element of A is formed as well as how two 
equal canonical elements of A are formed." We also know from the theory of Lambda Calculus the definition 
of 5-rule, see e.g. |4| (pp. 23 and 78): "^ : M = N ^ \x.M = Xx.N" 

*The /i-rule is also defined in the theory of Lambda Calculus, see e.g. 1221 : "The equational axioms and 
inference rules are as follows, where [N/x]M denotes substitution of N for x in M. . . . 

T t> Ml = M2 : (7 ^ T r t> Ni = N2 : a 
M 



r l> MiAfi = M2N2 : T 
and is divided into two equalities p and 1/ in 1111 (p. 66): 

, , M = M' ^ ^ M = M' 

(A')t777 ^7777 (^)- 



NM = NM' " ' MN = M'N 
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u = p u : A u =r V : A 

>tlr U^r V : A 



u ■ 



rip-r) 



V : A 



Associated rewriting rule over the reason: 

T(r,cr(r)) t>tr P 
T(a(r),r) >tsr P 

T{r, p) t>trr r 

T(p,r) Otirr. 

Below is another less obvious case of ocurrence of redundancy: 

Definition 3.7 

[x:A] 

b(x) —r qix) : B 

^-^ — > -intr 

a=s a' : A \x.b{x) =^rr) \x.g{x) : A ^ B 

— — — >■ -elim 

APP(Ax.6(x),a) =^(s,4(r)) APP(Ax.g(x),a') : B 

>mxi b(a/x) ==^(s) g{a' /x) : B 

Associated rewriting rule: 

fj,{s,^{r)) >mxir{s). 



As an example: 
Example 3.8 



X =r y '■ A 

X=ry: A y =cr(r) X ! A 



ijx) =i{r) i{y) ■■ A + B i{y) =;(^(r)) ijx) : A + B 
i{x) =r(e(r),?(<T(r))) i{x) : A + B 



X : A 



>tr 



X — p X '. i\. 



*(^) =?(p) *(^) : -4 + B 
Associated rewriting rule over the reason: 
r{ar)A{<y{r)))>trap)- 
Definition 3.9 (reductions involving p and a) 

X ^n ^ '• -^ 



~P ■ 
X cr(p) •^ 



:A 



t> X =n X : A 



X =a(a(r)) y ■ A 

Associated rewritings: 

a{p) t>sr P 
cr(o-(r)) t>sr r 



X —r y '■ A 

y =a{r) X: A 

> X —r y : A 
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Definition 3.10 (reductions involving t) 

X ^rV ■■ A y =„(r) X : A 





x^. 


-{r,cr(r)) X 


'■.A 




y = 


= cr(r) X 


■.A X-- 


=r y 


■.A 




y^T 


(<T(r),r) y 


■.A 




u 


=r V : 


A V = 


pV. 


A 




u = 


■rir,p) V : 


A 




u 


=pu: 


: A u = 


r V : 


A 



r(p,r) V : A 



>tsr y=py-A 

>trr U =r V : A 
\>tlr U =r V : A 



Note that the first two reductions identify the case in which a reason which is part 
of a rewrite sequence meets its inverse. 

These reductions can be generahzed to transformations where the reasons r and 
a{r) (transf. 1 and 2) and r and p (transf. 3 and 4) appear in some context, as illustrated 
by the following example: 

Example 3.11 

X =r y : A 



X =ry ■■ A y =<T(r) X : A 



ijr) =^{r) i{y) ■■ A + B i{y) ^^(a(r)) ijx) '.A + B 

iix) =r(5(r),C((T(r))) K^) : A + B 



:A 



>tr 



-p X : A 



"^i^) =C(p) ^(^) -A + B 



Associated rewritings: 

T{C[r],C[a{T)])>trC[p] 
T{C[a(r)],C[r])>tsrC[p] 
T(C[r],C[p\)>trrC[r] 
r{C[p],C[r])>tirC[r] 

Definition 3.12 (substitution rules) 

vi ^~j^ L^\x\ ', yi X ^^^ p X ', yi 

W =s\ihi.{r,p) C[x\ : A 
X ^ p X \ A G \X\ ^j' Z ', A 



C[x\ — subR(p,r) ^ • A 

z ^s C[y] : A y =r w : A' y =r w : A' 



\>slr U —r C[x\ : A 



^^ ST'T" *^ — 7^ ' '^^ 



^=s^Ms.)C[w]:D --^Wy:^,^^^^^^cM:A 



Z — subL(subL(s,r),CT(r)) C[y\ : A 
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z ^s C[y] : A y =,. w : A' y ^r w '■ A' 



Z =subi.(^,r) C[w] : A W =„(^r) V ■ A' 

Z =subL(subL(s,r),<T(r)) C[y\ : A 



>siss z =s C[y] : A 



w.A' 



A' 



C[w\ =suba(CT(s),r) Z : A 



^[■^\ subR(s,subR(a(s),r)) Z '■ A 



SV S *-' «^ — f -4/ . jt. 



w : A' X —^ w : A' C\vj\ —r z : A 



7{s) X '■ A C[x\ — subR(s,r) z : A 

C[w] =subE(cr(s),subH(s,r)) Z : A 



C[w] =r z : A 



Associated rewritings: 

subL(C[r],C[p])i>sirC[r] 
subR(C[p],C[r])i>s„C[r] 
subL(subL(s,C[-r]),C[CT(r)]) t'su s 
subL(subL(s, C[cr(r)]),C[r]) t>siss s 
suba(s, subR(C[a(s)], r)) t>srs r 

SUbR(C[cr(s)], SUbR(C[s], r)) >srrr r 



Definition 3.13 

Prewr- X -reduction 
X =r y '■ A 



:B 



X -mtr 



{x,z) =^{r,s) {y,w) : Ax B 

FST{{x,z)) =^(c(.,«)) FST{{y,w)) : A 

X =r y '■ A z =s w : B 



{x,z) =5(r,s) {y,w) : Ax B 



X -mtr 



SND({x,z)) =^iiir,s)) SND{{y,w)) : B 



Associated rewritings: 

fJ.{^{r, s)) >rnx2l r 
/X(^(r, s)) >rnx2r S 

Prewr-+-reduction 
a =r a' : A 

i{a) =^(r) i(a') ■ A + B 



X -elim 



X -elim 



-mtr 



A] 



>mx2l X ^r y ■ A 



^mx2r Z —s W : B 



[y-B] 



fix) =, k{x) : C g{y) =„ h{y) : C 



D{i{a),xf{x),yg{y)) ^^(^(r)^s,u) D{i{a'),xk{x),yh{y)) : C 



-elim 



28 



a =,. a' : A 
^"^^^ f{a/x) ^, k{a'/x) : C 



b^rb'-B [x:A] [y.B] 

mbox—intr 



j{b) =^(,) j{b') -.A + B fix) =s k{x) : C g{y) ^u h{y) ■ C 

i^^i 1 — eiiYYi 

D{j{b),xf{x),yg{y)) ^^(^^{r),s.u) D{j(b'),xk{x),yh{y)) : C 

b^sb' -.B 
"-3^ g{bly) =„ h{b'/y) : C 

Associated rewritings: 

/j{^{r),S,u) >rnx3l S 
IJ,{^{r),S,u) >mx3rU 

Prewr-^-reduction 

[x:A] 

fix) ^r g{x) : P(x) 



a : A Xx.f{x) ^^(s) Xx.g{x) : IIx : A.B{x) 

APP{\x.f{x),a) =^(.,5M) APP{\x.g{x),a) : Hx : A.B{x) 

a : A 

f{a/x) ^r .9(0/2;) : B{a) 
Associated rewriting: 

fj,{s,^{r)) >rnxl r 

Prewr-'^-reduction 

a: A f{a)=ri{a):B{a) [t : A,g{t) : B{t)] 

e.x{f{x),a) =5(r) sx.{i{x),a) : Y^x^^.B^x) d{g,t) =s h{g,t) : C 
E{ex.{f{x),a),gtd{g,t)) =^(^(r),s) E{ex.{i{x),a),gth{g,t)) : C 

a : A f{a) ^r g{o-) '■ B{a) 
^™"'' d{f/g,a/t)=sh{i/g,a/t):C 
Associated rewriting: 
li{^{r),s) t>„ixi s 

Definition 3.14 (rjrewr) 
Vrewr- x-reduction 

x =r y : A X B X =r y '■ A X B 

X -elim — X -elim 



FST{x) =^(,) FST{y) : A SND{x) =^(,) SND{y) : B 

'^ "• ' r \ / yc-iTitr 

{FST{x),SND{x)) -5(^(,)) {FST{y),SND{y)) : A x B 

^mx X ^r y '■ A X B 

Vrewr- +-reduction 

[ai =r a2: A] [bi =s b2 : B] 

1 — intr 1 — intr 

c^td:A + B i(ai) ^g(^) i(a2) -.A + B j{bi) =g(,) j{b2) -.A + B 

D{c,dii{ai),bij{bi)) =f,(t,ar),iis)) D{d,a'2i{a2),b2J{b2)) 
-elim 

^mxx c ^t d : A + B 
Yi-rjrewr-reduction 
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\t: A] c=rd: IVx'^.Bix) ^ , 

— — -— — ■ , , , vV-elim 

APP{c, t) =^(,) APP{d, t) : B{t) 

—- ll-iTitr 

Xt.APP{c,t) =5(^(r)) \t.APP{d,t) : m : A.B{t) 

^xmr c =j. d : IIx : A.B{x) 

where c and d do not depend on x. 

Yi-rjrewr-reduction 

[t:A] [g{t)=rh{t):B{t)] ^ .^^^_ 

c : Sx : A.B{x) ey.{g(y),t) =5(^) ey.(h(y),t) : Ey : A.B{y) 

: -^ — — Ij-elim 

E{c,gtey.{g{y),t)) =^,(s^ar)) E{b,htey.{h{y),t)) : Ey : A.B{y) 

>m,xir c^s b :T,x : A.B{x) 
Associated rewritings: 

^{H{r)) >rnx r 
K't,^{'r),£,{s)) >mxxt 
^(/X(r, s)) >xTnr S 
fj,{s,^{r)) >rnxlrS 

Definition 3.15 {a and r) 

X ^ry ■ A y ^sW : A y =s w: A x =r y : A 



X =T{r.,s) w : A w =^(s) y : A y =^(r) x : A 

Osts 



W =a(T(r.s)) X : A W ^^(^^(s) ^-f^)) X : A 

Associated rewriting: 

a{T{r, s)) >stss T{(j{s),a{r)) 

Definition 3.16 (a and sub) 

x^rC[y]:A y =s w : A' y^sW:A' x ^r C[y] : A 



X =subL(r,s) C[w\ : A w =0.(5) y : A' C[y] =^(r) x : A 



>ssbl 



CN — cr(subi.(r,s)) X : A C[w] — suba(CT(s),<j(r)) X : A 

X =r y ■■ A' C[y]^sW:A C[y] ^s w : A x ^r y ■ A' 



C[x] =subK(r,s) w : A w ^„(s) C[y]: A y ^„(r) x : A' 

^ssbr 



W =ff(subR(r,s)) C[x] : D W =subL(a(s),CT(r)) C[x] : A 

Associated rewritings: 

(T(subL(r, s)) >ssbl subR(cr(s), cr(r)) 

(7(subR(r, s)) >ssbr subL(cr(s), (T(r)) 

Definition 3.17 {a and 

X —r y '■ A X =r y '■ A 



i{x) =^(r) iiy) : A + B y =^^r) x : A 



i{y) =<T(c(r)) i{x) -.A + B i{y) =^(a(r)) i{x) : A + B 
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X =r y '■ A z =s w : B X =r y ■ A z =s w : B 

{x, z) =4(r,s) {y-,w) : Ay.B y =„(r) x: A w =cr(s) z ■■ B 



{y,w) =aiar,s)) {X,Z) : Ax B (y , w) =^{a{r),ais)) {x, z) : A X B 

[x -.A] [x: A] 

fix) =, g{x) : B{x) f{x) -, g{x) : B{x) 



Xx.f{x) =5(s) Xx.g{x) : IIx : A.B{x) g{x) =„i^s) f{x) : B{x) 



\x.g(x) =<t(C(s)) Aa;./(x) : lix : A.B{x) Xx.g{x) =5(<t(s)) Ax./(x) : IIx : A.B{x) 

Associated rewritings: 

<ar)) >s. C(a(r)) 

a{^{r, s)) \>sxss ^{(j{r), a{s)) 

Definition 3.18 {a and ^) 

X =r y '■ A X B X =r y '■ A X B 



FSTjx) =^(,) FSTjy) : A y =^(,) x : A x B 

FST{y) =,(^(,)) FST{x) : A ^^" FSt{y) =^ia{r)) FST{x) : A 
X =s y ■■ A f =r g ■■ A ^ B 



APPif,x)=^^,,r)APPig,y):B 
APP{g,y) =.(^(.,.)) APP{f,x) : B 



y : A f =r g ■■ A ^ B 



y =<t(s) X : A g =^(,.) f : A^ B 
>«™- APF(g, y) =^iais).air)) APP{,f, x) : B 
[s -.A] [t: B] 



X 



=ry:A + B d{s) =„ /(g) : C e(t) =J g{t) : C 
D{x,sd{s),ie{t)) =^(r,«,t») D{y,sJ{s),ig{t)) ■ C 

D{y,sf{s),tg{t)) : C ^^(^.(r^u.v)) D(x, sd{s),te(t)) : C 

[s -.A] [t: B] 

x^ry-A + B d{s) =„ f{s) : C e{t) =„ g{t) : C 

y ^a(r) X : A + B f{s) ^^(„) d{s) : C g{t) =^(t,) e(t) : C 
"""''"' D{y, sf{s),tg{t)) =f,(a(r)M{u),a(v)) D{x, sd{s), te{t)) : C 
[t : A, g(t) : B{t)] 
e^sb:Y.x: A.B{x) d{g, t) =r /(.g, t) : C 
E{e,gtd{g,t)) ^^(,^,) E{b,gtf{g,t)) : C 

E{b,gtf{g,t)) -,(^(,,.)) E{e,gid{g,t)) : C 

[t : A, .9(t) : B(i)] 
e^sb:T.x: A.Bjx) d{g,t) ^r f{g,t) : C 

b ^„(s) e : Sx : A.B{x) J{g, t) ^^(^r) djg, t) : C 

^ STflSS ' ' 

E{b,gtf{g,t)) ^f,(a{s),cr{r)) E{e,gtd{g,t)) : C 
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Associated rewritings: 

a{n{s, r)) t>smss ^J■{o■{s), a-{r)) 

a{^J.{r, M, v)) >smsss K'^ir), cr{u),a{v)) 

Definition 3.19 (t and sub) 

X =r C[y] -.A y ^s w : A' 

X =subi,(r,s) C[w] : A C[w] =t z : A 

X =T(subi,(r,s),t) Z : A 

y ^s w : A' C[w] ^t z : A 
x^rC[y]:A C[j/] =subR(s.t) z : A 

>tsbU 



X —T{r,sub^(s,t)) Z : A 

y ~s w : A C[w] =t z : A 

C[y] =sub„(s,t) z ■ A z^uv : A 



C[y] ==r(subR(s,t),«) V : A 

C[w] —t z : A z —u V : A 
y^sW.D' C[w\ ^T(t.u) V : A 

^tsbrl 



C[y] =subB(s,T(t,«)) V : A 



C[z] =p C[z] -.A z^sW-A' 



X =r C[z\ : A C[z] =sub,(p,«) ^M ■ A 

X —T(r,subLip,s)) C[w\ : A 

X —r C\z\ : A z =^ w : A' 



^tsblr 



=subi.(r,s) C[w] : A 



x=rC[w] -.A C[w] ==sub„(s,p) C[z]: A 



— T(r,subR(s,p)) ^[z\ '■ A 

X =r C[w] : D w =s z : A' 



^tsbrr 



X — subL(r,s) ^[^\ ■ ^ 



Definition 3.20 (t and r) 

X ^ty ■ A y ^r w ■ A 



'T(t.r) w : A w —s z : A 

X =T{T{t,r),s) z : A 

y ^r w ■ A w —s z : A 
x^ty ■■ A y =r(r,s) z : A 



■^ ■rd.Tir'iW ^ 



r{t^T{r,s)) 



A 



Associated rewritings: 

r(subL(r, s), t) >tsbu T{r, subR(s, t)) 

r(subR(s,t),u)) >tsbrl SUbR(s,T(i,M)) 

T{r, subL(T, s)) >tsbir subL(r, s) 
T{r, subR(s, r)) >tsbrr subL(r, s) 
T{T{t,r),s) \>uT{t,T{r,s)) 
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By analysing all cases of redundant proofs involving equality we arrive at follow- 
ing set of associated rewriting rules. (NB. In the same way the definitional equalities 
(coming from rewriting rules) over terms of the A calculus had to be given names - j3, 
Tj, £,, jjL, etc. -, we will need to assign a name to each rewriting rule for terms represent- 
ing computational paths. For the lack of a better naming choice at this point, we have 
tried to use abbreviations related to the operations involved.) 

Definition 3.21 (LNDeq-TRS) 

1. a{p) \>sr P 

2. a{a{r)) t>ss r 
3.T{C[r],C[a{r)])>trC[p] 
4.T{C[a{r)lC[r])t>tsrC[p] 

5.T{C[r],C[p])>rrrC[r] 

6.T{C[p],C[r])>irrC[r] 

7. suh^{C[rlC[p])>sirC[r] 

8. suhKiC[p],C[r])>srrC[r] 

9. subL(subL(s,C[r]),C[cr(r)]) >sis s 

10. subL(subL(s,C[cr(r)]),C[r]) >siss s 

11. subR(C[s],subR(C[cr(s)],r))>srs r 

12. SUbR(C[cr(s)],SUbR(C[s],r)) >srrrr 

13. p{S,{r, s)) >mx2i r 

14. /X($(r, S)) \>mx2r S 

15. p{^{r),S,u) >mx3l s 

16. /z(^(r),S,w) t>mx3rU 

17. /x(s,5(r)) t>mxi r{s) 

18. /x(^(r),s) >mxr S 

19. ^{pir)) >mx r 

20. pit,^{r),^{s)) \>mxxt 

21. ^{p{r, S)) Oxmr S 

22. p{s,^{r)) >mxlrS 

23. a{T{r, s)) >stss t(<t{s), cr(r)) 

24. cr(subL(r,s)) >ssbi subR(cr(s),CT(r)) 

25. (T(subR(r, s)) >ssbr snhi^{a{s),a{r)) 

26. a(e(r)) >«, ^('^(r)) 

27. cr(^(s,r)) >sxss ^{(j{s),a{r)) 

28. (T{p{r)) \>sm p{cF{r)) 

29. cf{p{s, r)) >smss Ai(o-(s), a{r)) 

30. (j{p{r, u, v)) >smsss K<^{r), <y{u), cr{v)) 

31. T{r, subL(p, s)) >tsbu subL(r, s) 

32. T{r, subR(s, p)) t-tsbri subL(r, s) 

33. T(subL(r, s), t) t>tsbir T{r, subR(s, t)) 

34. T(subR(s,i),lt) >tsbrr snbji{s , T {t , u)) 

35. T{T{t,r),s)>ttTit,T{r,s)) 

36. T{C[u],T{C[aiu)],v)) >u.s V 

37. T{C[a{u)],T{C[u],v)) >tstu. 

We have proved termination and confluence of the rewriting system LNDeq-TRS 
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As a matter of fact, rules 36 and 37 came out of the Knuth-Bendix com- 
pletion procedure applied to the the rewriting system. As we have previously pointed 
out, although the rewriting system is terminating and confluent, we have observed an 
interesting phenomenon here: there may be more than one normal proof of an equality 
statement. This is not a contradiction since the confluence property only says that the 
term for the equality reason can be brought to a unique normal form regardless of the 
order in which it is reduced. But there may be a different, yet normal/canonical, proof 
of the same equality statement. 

4 Conclusion 

Motivated by looking at equalities in type theory as arising from the existence of com- 
putational paths between two formal objects, our purpose here was to offer an alterna- 
tive perspective (to the one prevailing on the literature) on the role and the power of the 
so-called identity types, as well as of the notion of propositional equality as formalised 
in the so-called Curry-Howard functional interpretation. We started by recalling our 
previous observation ||371 pertaining to the fact that the formulation of the identity type 
by Martin-Lof, both in the intensional and in the extensional versions, did not take into 
account an important entity, namely, identifiers for sequences of rewrites, and this has 
led to a false dichotomy. 

Next, by considering as sequences of rewrites and substitution, we have shown that 
it comes a rather natural fact that two (or more) distinct proofs may be yet canonical and 
are none to be preferred over one another. By looking at proofs of equality as rewriting 
(or computational) paths this approach fits well with the recently proposed connections 
between type theory and homotopy theory via identity types, since elements of identity 
types will be, concretely, paths (or homotopies). In the end, our formulation of a proof 
theory for propositional equality is still very much in the style of type-theoretic iden- 
tity types which, besides being a reformulation of Martin-Lofs own intensional identity 
types into one which dissolves what we see as a false dichotomy, turned out to vali- 
date the groupoid laws as uncovered by Hofmann & Streicher as well as to refute the 
principle of uniqueness of identity proofs. 
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